I already wrote about that in my blog post linked above:) (And the text on the Wikipedia article. It's a small world.)
It seems a misattribution though, because (as you'll see if you read it) there is no textual evidence of Hoare having said it, and he himself has no recollection of any such thing.
No, Donald Knuth, Structured Programming with go to Statements, ACM Computing Surveys, Vol 6, No. 4, Dec. 1974 (p.268).
(Unless you can find a reference for Hoare having said it. See here.)
I've seen that video before:
It was commissioned by Harvard by an animation company called XVIVO. See the three-minute version here or here. There's a nice article about this particular animation, and [blatant self-promotion whatever, but to avoid retyping everything]: some other stuff.
E8 encapsulates the symmetries of a geometric object that is 57-dimensional [...] Note that this does not say anything about the universe. We can imagine a particular object that is 57-dimensional, and work out all its symmetries -- the object's symmetry group. (For example, the set of all symmetries of a (two-dimensional) equilateral triangle is a group with six elements (or three, if you only allow rotations). Similarly the group E8 is the set of symmetries of a certain 57-dimensional object.
[...] and is itself is 248-dimensional This is the dimension of the group E8 itself. It has nothing to do with the dimension of the universe, but is the dimension of the manifold that E8 can be viewed as.
So yeah, as the other commenter said, the universe still has 3+1 dimensions in this theory (according to the quote, at least).
Bruce Schneierposted about this a couple of days ago. You should read it for an excellent (and depressing) collection of stupid quotes from the authorities.
Governor Deval Patrick told the Associated Press: "It's a hoax -- and it's not funny."
It was not a hoax (they weren't trying to make them look like bombs), and it is funny. It's interesting how these signs were around in 10 cities for two weeks (including Boston) in very public places, and only in Boston and only now did someone decide to freak out and bring traffic to a halt. Someone joked:
"It's almost too easy to be a terrorist these days," said Jennifer Mason, 26. "You stick a box on a corner and you can shut down a city."
In 2004, a company named Cinea spent $5 million distributing custom DVD players to Academy and BAFTA members with very mixed results. Lately, it seems the new strategy is to stop trying. Maybe the industry is finally realizing that the best way to get recognized is for people to see your movie, despite the risk of piracy. For example, Munich was very likely snubbed for a British Oscar nomination in 2005 because the screeners were late and defective. The best case study is Lionsgate's promotion of Crash vs Disney's Cinea-encrypted screeners:
In a way, Lionsgate's strategy was the opposite of Disney's. While the indie sent its film to as many voters as possible, upping the odds copies could be pirated, the Mouse House focused on minimizing piracy, with the result that at least 26% of Oscar voters didn't watch its screeners.
The outcome: Crash shocked the world by winning Best Picture over the favored Brokeback Mountain, while Disney only got Best Makeup for The Chronicles of Narnia.
The official offered the XP operating system for about Rs.7000 while he quoted Rs.500. ...
ELCOT is not the loser when Microsoft did not accept our price of Rs.500; on the other hand, Microsoft loses out due to our big volumes involved," he said.
In other words, the guy wanted XP for 11 dollars, but Microsoft would only offer it for 158 dollars. Nice.
1. If it's generating a password based on soley on the site information(domain name, etc?) and the user supplied '@@' password then nothing will prevent phishers from using PwdHash to figure out what someone's real password is. The hash is a one-way function.
2. You can only use this where you have the extension installed. No. See posts above.
people will probably revert to using simple alphabetic passwords like "football" or "racecar" instead of more complicated ones I think you can get people to remember one strong password.
people will probably start using the same password for every site This is already true. That is exactly the problem. This extension only adds security to such people.
The best method would be to have long randomly generated passwords, different for each site, stored in an encrypted format accessible by using a password(a la gnupg). You still have to carry this chunk of data around with you. Try getting Grandma to do this. And what happens when she loses that chunk of data? It's harder to lose a single password.
Sometimes these university guys come up with some dumb shit. They have stated their goals clearly, and come up what is currently the best solution that fits those needs.
Anti-phishing is primarily a problem of protecting idiots. It's not a very easy thing to do, believe me.
The implementation is available, and you can generate the hashed passwords yourself, even offline. Save the implementation and put it somewhere you're sure won't go down.
I doubt the project will die, though.
No. If you are in a place where you can't use the extension (cybercafe, someone else's computer, etc.), you can go to http://www.pwdhash.com/ and generate it there. You can also get it as a bookmarklet instead of an extension, BTW.
Phishing attacks are becoming more common, and obviously, it is necessary for all users to be more cautious about exactly where they are entering their passwords -- this means being very alert to the contents of the URL bar (so as to not be deceived by things like "http://www.google.com.blahblah.phisher.tripod.com /google..."), and also not being misled by javascript window-within-window things that make something else look like the URL bar, etc. All this probably requires a greater level of attention than is within the capabilities of, say, old people (or even those teenagers on MySpace). So how do you make sure you don't give away your password to the wrong guys?
A common phishing-like attack is to somehow hack into some low-security site and get some username-password pairs, then try them at other sites. As you might guess, this trick is quite effective, because most people use the same password everywhere. Remembering hundreds of different hard-to-guess strings is somewhat hard, after all.
So given that Grandma is going to use the same password everywhere, and isn't going to be very alert to phishing, how do you still make it safe for her to use the internet? (Or, if you don't care about Grandma: How can you get away with remembering only one password and be reasonably safe against phishing?)
There is a solution that's simple, effective, and comes at no cost -- no changes to the "user experience". It's PwdHash, developed by Dan Boneh and others at Stanford. It's available as a Firefox extension. Basically, to use it, you just pick for each site (while registering or changing the password) a password and prefix it with "@@". It could even be the same password for all sites. PwdHash will transparently convert the password you typed into a one-way hash based on the site's domain, so that the password with which you are registered on the site is actually something other than what you typed -- but you don't need to know what it is, because the next time you visit the site, you again type your password (begining with "@@"), and PwdHash will send the site your correct password (does the same thing again). So if a phisher (who is by definition on some other domain) tries to steal your password, he actually gets a different one from what the correct site would get. (Oh, and PwdHash warns you if you type "@@" into something that is not a password field.) Everything else works the same -- all you have to do is to consistently type "@@" before your password each time (or hit F2, alternatively). The idea of domain-based generators is not, new, but the beauty of this one is that it fits perfectly into one's existing workflow. A long as you ask Grandma to pick a password that "begins with" @@, you can be sure no phishing website will get her password. (Of course, it is still susceptible to email scams and malware programs, but at least safety while browsing is taken care of.)
The researchers demonstrate it as a solution to phishing, but I use it simply because remembering too many passwords is a pain. And it's by some of the top Crypto researchers, so you can be quite sure it doesn't have any stupid vulnerabilities. Read the paper (or see the Powerpoint presentation if you'd prefer it) for a more in-depth consideration of other issues. (Interestingly, one of the co-authors is Stanford student and Firefox guy Blake Ross.)
and the Mac users just keep quiet about their virus infestations, so they can keep the Sacret Cult of the Mac going strong. I know plenty of Mac users who have to do clean installs all the time because their machines get so clogged up with worms and viruses. All of these whiners talk like that's not true!
What planet are you on? Mac users keep quiet? Does that mean they've managed to suppress anyone in the world from mentioning any supposed Mac virus/worm? You know plenty of Mac users with machines clogged up with worms and viruses? Do let us know who they are, please, we'd all like to examine the first known OS X viruses and worms. I've dealt with hundreds of Macs even since OS X was released and have yet to see a 'virus' or 'worm'. I'm afraid the truth is very boring, there are none. Fact: At present there are no known OS X viruses or worms in the wild. Fact: For OS 9 there were a few but nothing compared to the 10,000 plus for Windows. Get a life!
Irony can be either intentional or unintentional...
OTOH, my nomination "most awesome game ever" goes to Desert Bus from Penn and Teller's Smoke and Mirrors game package (it never made it big, surprisingly). The game was an answer to the Jack Thompson-types. Quoting from various sources:
'Desert Bus' was a game we thought would really appeal to people who didn't like unrealistic games, and didn't like violence in their games. It was just like real, loving life.
The objective of the game is to drive a bus from Tucson, Arizona to Las Vegas, Nevada in real time at a maximum speed of 45mph, a feat that would take the player 8 hours of continuous play to complete, as the game cannot be paused.
The bus contains no passengers, and there is no scenery or other cars on the road. The bus veers to the right slightly; as a result, it's impossible to tape down a button to go do something else and have the game end properly. If the bus veers off the road it will stall and be towed back to Tucson, also in real time. If the player makes it to Las Vegas, they will score exactly one point: the counter - which was five zeros - went to 1.
For those who doubt that this is really happening in India, here is conclusive proof:
I'm in India, and I cannot access the article. In fact, I've seen this happen to many articles that Slashdot links to!;-)
BTW, the page gives a Wordpress error saying "Error establishing a database connection"... nevermind, it's back up again; maybe the guy was just fiddling with some settings.
Wow. I was (pleasantly) surprised when the Hindi film songs show, and parts of the regional shows, started showing perfect subtitles along with the songs a few months ago, and I was amazed that Doordarshan (our (India's) government-run national channel) would take such efforts, but now I realise it's being sponsored by Google!
This is seriously a great idea. For those who doubt it will help, consider that Finnish children practically learn reading by watching Finnish subtitles of American TV shows, and they are the best.
I agree completely. Those animations, sounds and "cool" transitions serve only to distract. Perhaps they're fine when the intent of the presentation is to impress, but when it is intended to actually convey some content, one is better off without them. PDFs are clearly better; they work everywhere, and look exactly the same too.
In this case, if all the parties know LaTeX, then nothing could be better than using Beamer. Thrown in a CVS repository too, and you have the perfect collaboration system.
It's a patent on automatically providing all of the different possible conjugation forms of any verb on the fly, which is something I, for one, haven't seen before and think could be pretty useful...
Have you looked at a (good) dictionary?
Of course it is pretty useful. In fact, it is something fundamental to language. Which is why it is reprehensible that some company should have a patent on it. It is like giving them a patent on changing sentences from passive to active... no, it's worse.
(This Onion article might not be too far from reality, after all.:-)
P.S. Note that ^M is not Caret-M. It is a single character. I usually just copy it out of the file, and then do it in emacs.
Try C-q C-m sometime.
Of course, the simple way of "removing the funky windows line endings" is to run fromdos at the commandline, but kids today... they use Vim and Emacs and whatnot. ;-)
Slashdot Mirror
I already wrote about that in my blog post linked above :) (And the text on the Wikipedia article. It's a small world.)
It seems a misattribution though, because (as you'll see if you read it) there is no textual evidence of Hoare having said it, and he himself has no recollection of any such thing.
No, Donald Knuth, Structured Programming with go to Statements, ACM Computing Surveys, Vol 6, No. 4, Dec. 1974 (p.268). (Unless you can find a reference for Hoare having said it. See here.)
I've seen that video before:
It was commissioned by Harvard by an animation company called XVIVO. See the three-minute version here or here. There's a nice article about this particular animation, and [blatant self-promotion whatever, but to avoid retyping everything]: some other stuff.
Yeah, Ali G has used that one :)
The Ubuntu Customization Kit (some old version here, with screenshots) looks useful, and Linux Live looks even more general.
Yes, Youtube's quality is bad, and that of the user-generated content is worse. I guess that's why the title says that Youtube will pay for this. :-)
Anti-phishing is primarily a problem of protecting idiots. It's not a very easy thing to do, believe me.
The implementation is available, and you can generate the hashed passwords yourself, even offline. Save the implementation and put it somewhere you're sure won't go down.
I doubt the project will die, though.
No. If you are in a place where you can't use the extension (cybercafe, someone else's computer, etc.), you can go to http://www.pwdhash.com/ and generate it there. You can also get it as a bookmarklet instead of an extension, BTW.
- Phishing attacks are becoming more common, and obviously, it is necessary for all users to be more cautious about exactly where they are entering their passwords -- this means being very alert to the contents of the URL bar (so as to not be deceived by things like "http://www.google.com.blahblah.phisher.tripod.co
m /google..."), and also not being misled by javascript window-within-window things that make something else look like the URL bar, etc. All this probably requires a greater level of attention than is within the capabilities of, say, old people (or even those teenagers on MySpace). So how do you make sure you don't give away your password to the wrong guys? - A common phishing-like attack is to somehow hack into some low-security site and get some username-password pairs, then try them at other sites. As you might guess, this trick is quite effective, because most people use the same password everywhere. Remembering hundreds of different hard-to-guess strings is somewhat hard, after all.
So given that Grandma is going to use the same password everywhere, and isn't going to be very alert to phishing, how do you still make it safe for her to use the internet? (Or, if you don't care about Grandma: How can you get away with remembering only one password and be reasonably safe against phishing?)There is a solution that's simple, effective, and comes at no cost -- no changes to the "user experience". It's PwdHash, developed by Dan Boneh and others at Stanford. It's available as a Firefox extension. Basically, to use it, you just pick for each site (while registering or changing the password) a password and prefix it with "@@". It could even be the same password for all sites. PwdHash will transparently convert the password you typed into a one-way hash based on the site's domain, so that the password with which you are registered on the site is actually something other than what you typed -- but you don't need to know what it is, because the next time you visit the site, you again type your password (begining with "@@"), and PwdHash will send the site your correct password (does the same thing again). So if a phisher (who is by definition on some other domain) tries to steal your password, he actually gets a different one from what the correct site would get. (Oh, and PwdHash warns you if you type "@@" into something that is not a password field.) Everything else works the same -- all you have to do is to consistently type "@@" before your password each time (or hit F2, alternatively). The idea of domain-based generators is not, new, but the beauty of this one is that it fits perfectly into one's existing workflow. A long as you ask Grandma to pick a password that "begins with" @@, you can be sure no phishing website will get her password. (Of course, it is still susceptible to email scams and malware programs, but at least safety while browsing is taken care of.)
The researchers demonstrate it as a solution to phishing, but I use it simply because remembering too many passwords is a pain. And it's by some of the top Crypto researchers, so you can be quite sure it doesn't have any stupid vulnerabilities. Read the paper (or see the Powerpoint presentation if you'd prefer it) for a more in-depth consideration of other issues. (Interestingly, one of the co-authors is Stanford student and Firefox guy Blake Ross.)
For those who doubt that this is really happening in India, here is conclusive proof: ;-)
I'm in India, and I cannot access the article. In fact, I've seen this happen to many articles that Slashdot links to!
BTW, the page gives a Wordpress error saying "Error establishing a database connection"... nevermind, it's back up again; maybe the guy was just fiddling with some settings.
Results 1 - 10 of about 28,800.
Enough said.
Nah, Extreme Programming is cool enough.
Wow. I was (pleasantly) surprised when the Hindi film songs show, and parts of the regional shows, started showing perfect subtitles along with the songs a few months ago, and I was amazed that Doordarshan (our (India's) government-run national channel) would take such efforts, but now I realise it's being sponsored by Google!
This is seriously a great idea. For those who doubt it will help, consider that Finnish children practically learn reading by watching Finnish subtitles of American TV shows, and they are the best.
In this case, if all the parties know LaTeX, then nothing could be better than using Beamer. Thrown in a CVS repository too, and you have the perfect collaboration system.
Yes, it's useful. Like the iPod Nano 200 GB. (For those too impatient to read all the instructions, these are the results.)
Of course it is pretty useful. In fact, it is something fundamental to language. Which is why it is reprehensible that some company should have a patent on it. It is like giving them a patent on changing sentences from passive to active... no, it's worse.
(This Onion article might not be too far from reality, after all.
Of course, the simple way of "removing the funky windows line endings" is to run fromdos at the commandline, but kids today... they use Vim and Emacs and whatnot.